Part 3: Are Users Putting Your Sensitive Data at Risk?

Part 3: Are Users Putting Your Sensitive Data at Risk?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are Users Putting Your Sensitive Data at Risk? Previously in this blog series, we talked about understanding your organization’s data footprint. We also discussed methodologies for identifying where sensitive data exists. At this point, you’re probably realizing how much data lives across your organization and wondering… who is accessing all this information? The concern now isn’t solely about the data itself, but rather that users within…

Read More Read More

Part 2: Is Your Unstructured Data Safe?

Part 2: Is Your Unstructured Data Safe?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Is Your Unstructured Data Safe? In Part 1 of this blog series, we uncovered a lurking fear among administrators everywhere: the unknown of unstructured data. Over 60% of people do not know where their unstructured data lives across their organization. This is particularly scary because unstructured data accounts for over 80% of all data within any organization. Fortunately, as we discussed previously, there are tried and…

Read More Read More

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study

Part 1: Do You Know Where Your Data Lives? Thinking of all the data that lives across your organization? It’s a spooky thought. According to a recent Ponemon study on the current state of Data Access Governance (DAG), 62% of people have no confidence or little confidence of where users are storing unstructured data. On the surface, it might seem like a daunting task to figure out where all your data lives. However, with the right tools and a plan,…

Read More Read More

ProTip – Protecting Sensitive Data Step-up Authentication

ProTip – Protecting Sensitive Data Step-up Authentication

In prior ProTips we have explored discovering sensitive data throughout the environment, managing access to that data and monitoring it. Today’s ProTip focuses on adding an additional layer of protection that protects sensitive data in the event of a Ransomware outbreak, or compromised credentials being used to steal data. Creating the Investigation First, we create an investigation that looks for users accessing sensitive data. There are several things that happen behind the scenes – first data is discovered, classified and…

Read More Read More

Monitoring Sensitive Data Activity and Identifying Data Owners

Monitoring Sensitive Data Activity and Identifying Data Owners

If you’ve been following along in this 6-part Checkbox Compliance to True Data Security series, you should have a better understanding of how to locate your data, pinpoint which data is considered sensitive or risky to your organization, and compile a priority list of the sensitive data you’ll want to govern first. You may be thinking that once you’re done with the above it’s time to start making changes to security and locking down the risky data you found, however,…

Read More Read More

Collect and Analyze Relevant Data Points to Assess Risk

Collect and Analyze Relevant Data Points to Assess Risk

The goal of the Collect and Analyze phase is to assess relevant data points to answer critical questions like what’s the sensitivity of the data, who has access to it, who owns it, and what’s the age of that data.  When you begin to understand the answers to these questions, you can then begin prioritizing the resources that are at most risk and limiting access to them as you work towards achieving a Least Privilege Access model.

Moving from Checkbox Compliance to True Data Security

Moving from Checkbox Compliance to True Data Security

Organizations are shifting their focus to a core set of principles around protecting their credentials and data, but they struggle with a starting point. In this 6-part ‘Checkbox Compliance to True Data Security’ blog series, we will provide a foundational blueprint. The series will cover an overview of Data Access Governance (DAG) and introduce the 5 phases that will help shape a true data security program. In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti…

Read More Read More

Announcing StealthDEFEND 1.1

Announcing StealthDEFEND 1.1

Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that skills are not the only shortage we face. Many security challenges are becoming too complex to solve via traditional…

Read More Read More

Auditing and Reporting for Box Like Never Before

Auditing and Reporting for Box Like Never Before

Something I say in customer meetings a lot is that unstructured data isn’t glamourous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads to an interesting effect in meetings. Often prospects and customers will ask us what…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.